EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Connection failed (error code is 75797) using TElHTTPSClient

Posted: 11/04/2014 14:03:58
by Clinton Frankland (Standard support level)
Joined: 11/03/2014
Posts: 3

I'm trying to address an issue with GoDaddy, who will no longer accept SSL3 connections. I have an application that connects to a customer's site hosted with GoDaddy using. This application has stopped working. Using .Net v4.5.1, and specifying TLS v1.2 does work, however our environment requires .Net v4.

We've purchased SecureBlackBox, and have attempted the following code:

Dim http As New TElHTTPSClient()
http.Versions = SBSSLConstants.Unit.sbTLS12
Dim rslt As Integer = http.Get("https://www.traknreturn.com")
Dim sr As New StreamReader(http.OutputStream)
Dim strResult = sr.ReadToEnd

This code results in an SBSimpleSSL.EElSimpleSSLClientError error.

Message: Connection failed (error code is 75797).

at SBSimpleSSL.TElCustomSimpleSSLClient.Open()
at SBHTTPSClient.TElHTTPSClient.PerformRequest(Int32 Method, String URL)
at SBHTTPSClient.TElHTTPSClient.Get(String URL)
at pocHttpGetSsl.Form1.Form1_Load(Object sender, EventArgs e) in E:\Google Drive\Documents\Visual Studio 2013\Projects\pocHttpGetSsl\pocHttpGetSsl\Form1.vb:line 12
Posted: 11/04/2014 23:28:58
by Eugene Mayevski (Team)

The very first issue is that you seem to have not implemented OnCertificateValidate event handler.

Sincerely yours
Eugene Mayevski
Posted: 11/04/2014 23:42:06
by Ken Ivanov (Team)

Hi Clinton,

Please also check the product version you are using. If it's not the most recent one (12.0.262), please upgrade to it to get use of a number of post-POODLE compatibility improvements which it incorporates.

Posted: 11/05/2014 06:25:23
by Clinton Frankland (Standard support level)
Joined: 11/03/2014
Posts: 3

I've implemented http_OnCertificateValidate and http_OnError, as well as some others. I didn't include them for ease in posting.

http_OnCertificateValidate never fires, though http_OnError does with ErrorCode = 75797, Fatal = false, and Remote = true.

We purchased, downloaded, and installed yesterday, so hopefully, which we are using, is the most recent.

Another application with the same GoDaddy issue with the .Net v4.0 framework, uses a post, rather than get. I've coded that application too, with the exact same error, but for simplicity I've only posted the get and modified the URL for security sake. This URL produces the same error, so that seemed a safe switch.

Clinton Frankland
Posted: 11/05/2014 07:15:58
by Ken Ivanov (Team)

Just wish to confirm that we've managed to reproduce the issue with the web site you mentioned and are looking deeper into the issue now. We will keep you updated.
Posted: 11/05/2014 07:58:17
by Ken Ivanov (Team)

Hi Clinton,

We've found out where the problem is. TElHTTPSClient automatically sends the 'Server Name' TLS extension which helps the server choose the right certificate in environments where several domains are hosted on the same physical machine (which is particularly typical for virtual hosting environments). It seems that your server is confused by that extension, coming up with an internal error (that is what 75797 code stands for). This is quite unusual behaviour; most servers do accept the 'Server Name' extension as prescribed by the guidelines.

To work around the issue, please turn off automatic insertion of the server name extension with the following code:

HTTPSClient.Control.Options = HTTPSClient.Control.Options And Not SBSSLCommon.Unit.ssloAutoAddServerNameExtension

Posted: 11/05/2014 12:45:04
by Clinton Frankland (Standard support level)
Joined: 11/03/2014
Posts: 3

Thank you so much. This worked wonderfully!



Topic viewed 1429 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!